Configuring ACL SRP Checkpoint

Feature Summary and Revision History

Summary Data

Applicable Product(s) or Functional Area

ASR 5500

Applicable Platform(s)

  • ASR 5500

  • VPC-DI

Feature Default

Disabled - Configuration Required

Related Changes in This Release

Not Applicable

Related Documentation

  • ASR 5500 System Administration Guide

  • Command Line Interface Reference

  • Statistics and Counters Reference

Revision History

Revision Details

Release

The Access List (ACL) configuration is supported in SRP checkpoint functionality.

2024.02.0

VRF configuration under the BGP router configuration is supported in SRP checkpoint functionality.

21.27.m0

Feature Description

The ICSR setup enables SRP Peer configuration validation for access list (ACL) configurations through the srp-validate access-list CLI command. Without the configuration of the CLI, access list configuration were not validated for identicalness between the active and standby in ICSR, resulting in denied traffic to be permitted and vice-versa after a switchover.

For more information, refer to the Configuring SRP Checkpoint section in the ASR 5500 System Administration Guide.

Configuring ACL SRP Checkpoint

Use the following configuration to allow the IP and IPv6 access list configurations for the SRP checkpoint functionality.

configure 
  context context_name 
    service-redundancy-protocol 
      [ no ] srp-validate access-list  
      end

NOTES:

  • srp-validate : Enables SRP Peer configuration validation for specific configurations

  • access-list : Enables SRP Peer configuration validation for ACL.

  • no : Disables associating with the access list.

Monitoring and Troubleshooting

This section provides information on how to monitor and troubleshoot using show commands to support this feature.

Show Commands and Output

This section provides information regarding show commands and their outputs for this feature.

show configuration srp

The output of this command is enhanced to display the following field.

Table 1. show configuration srp Command Output Descriptions
Field Description

vrf-srp-validate

Indicates that the SRP validation for BGP VRF configuration is enabled.

srp-validate access-list

 Displays that the IP and IPv6 access list configurations for the SRP checkpoint validation is enabled.